
using System.Web.UI.HtmlControls;
using System;
using System.Configuration;
using System.Drawing;
using System.Data;
using System.Web.UI.WebControls;
using Microsoft.VisualBasic;
using System.Collections;
using System.Web.UI;
using System.Web;


using System.IO;
using System.Text;
//using com.ddsc.database;
using DDSC.OracleADO;
using com.ddsc.common;
using SMAS;
using System.Resources;

namespace smasb2b
{
	public class AUTO_CHG_PWD : BasePage
	{
		
#region  Web Form 設計工具產生的程式碼
		
		//此為 Web Form 設計工具所需的呼叫。
		[System.Diagnostics.DebuggerStepThrough()]private void InitializeComponent()
		{
			
		}
		protected System.Web.UI.HtmlControls.HtmlImage IMG1;
		protected System.Web.UI.WebControls.Label lblMSG004;
		protected System.Web.UI.WebControls.Label lblMSG005;
		protected System.Web.UI.WebControls.ImageButton btnSUBMIT;
		protected System.Web.UI.WebControls.Label Label4;
		protected System.Web.UI.WebControls.Label Label5;
		protected System.Web.UI.WebControls.Label lblNEW_PWD;
		protected System.Web.UI.WebControls.Label lblNEW_PWD_CONFIRM;
		protected ddscControlLibrary.InputBoxCtrl txtNEW_PWD;
		protected ddscControlLibrary.InputBoxCtrl txtNEW_PWD_CONFIRM;
		protected ddscControlLibrary.SubmitButtonCtrl btnSAVE;
		protected System.Web.UI.WebControls.Label lblLoginInfo;
		protected System.Web.UI.WebControls.Label lblMSG074;
		protected System.Web.UI.WebControls.Label lblMSG073;
		
		//注意: 下列預留位置宣告是 Web Form 設計工具需要的項目。
		//請勿刪除或移動它。
		private System.Object designerPlaceholderDeclaration;
		
		private void Page_Init(System.Object sender, System.EventArgs e)
		{
			//CODEGEN: 此為 Web Form 設計工具所需的方法呼叫
			//請勿使用程式碼編輯器進行修改。
			InitializeComponent();
		}
		
#endregion
		//Dim BasePage As BasePage = New BasePage
		DataBase DataBase = new DataBase();
		BasePage BasePage = new BasePage();
		StringBuilder sb = new StringBuilder();
       
        private void Page_Load(System.Object sender, System.EventArgs e)
		{
			//在這裡放置使用者程式碼以初始化網頁
			this.btnSAVE.Click+=btnSAVE_Click;
			
		}
		
		//20110106 Jaff 新增判斷密碼長度不得小於8碼且不得和前二次密碼一樣
		public string IsVaild()
		{
			DataSet ReturnDS = default(DataSet);
            //Ken : 0.Modify local variables
            dbAccess dba = new dbAccess();
            ArrayList m_arrParam = new ArrayList();
			string msg = "";
			FunctionHandler fh = new FunctionHandler();
			try
			{
				
				
				string NEW_PWD = fh.Encrypt(this.txtNEW_PWD.Text.Trim().ToUpper());
				if (this.txtNEW_PWD.Text.Trim() != this.txtNEW_PWD_CONFIRM.Text.Trim())
				{
					//新密碼與確認密碼不相同
					msg = System.Convert.ToString("New Password and Confirm Password can\'t be different!" + "\r\n");
				}
				else if (this.txtNEW_PWD.Text.Trim() == "")
				{
					//密碼全部是空白
					msg = System.Convert.ToString("Password can\'t be space!" + "\r\n");
				}
				else
				{
					if (this.txtNEW_PWD.Text.Trim().Length < 8)
					{
						//密碼小於8個字
						msg = System.Convert.ToString("Password must more than 8 characters!" + "\r\n");
					}
				}
				
				StringBuilder sb = new StringBuilder();
                //Ken : 1.修改SQL語法使用參數，不組字串
				sb.Append("SELECT COUNT(*) CNT");
				sb.Append("  FROM VND_VENDOR_AUTHORITY");
				//sb.Append(" WHERE VENDOR_NO =\'" + Request["VENDOR_NO"].ToString() + "\'");
				//sb.Append("   AND (VENDOR_PWD=\'" + NEW_PWD + "\' OR LAST_PASS=\'" + NEW_PWD + "\')");
                sb.Append(" WHERE VENDOR_NO =:VENDORNO");
                sb.Append("   AND (VENDOR_PWD=:NEWPWD OR LAST_PASS=:NEWPWD)");
				//dba = new dbAccess();
                //Ken : 2.設定動態參數物件
                m_arrParam.Add(dba.GetOracleParam(":VENDORNO", Request["VENDOR_NO"].ToString()));
                m_arrParam.Add(dba.GetOracleParam(":NEWPWD",NEW_PWD));
                //Ken : 3.修改執行方法Overload
                //ReturnDS = dba.runExecuteQuery("CHECK", sb.ToString());
                ReturnDS = dba.runExecuteQuery("CHECK", sb.ToString(), m_arrParam);
				if (System.Convert.ToInt32(ReturnDS.Tables["CHECK"].Rows[0]["CNT"]) > 0)
				{
					//密碼和前二次相同
					msg += "New password can\'t the same with last 2 times.";
				}
			}
			catch (Exception)
			{
				msg = "Check error!";
			}
			
			return msg;
		}
		
		private void btnSAVE_Click(object sender, System.EventArgs e)
		{
			FunctionHandler fh = new FunctionHandler();
			DataSet ReturnDS;
			//dbAccess dba = default(dbAccess);
            //Ken : 0.Modify local variables
            dbAccess dba = new dbAccess();
            ArrayList m_arrParam = new ArrayList();
            string msg = IsVaild();
			
			try
			{
				
				if (string.IsNullOrEmpty(msg))
				{
					string NEW_PWD = fh.Encrypt(this.txtNEW_PWD.Text.Trim().ToUpper());
					string LAST_PWD = Request["PWD"].ToString();
					StringBuilder sb = new StringBuilder();
                    //Ken : 1.修改SQL語法使用參數，不組字串
                    sb.Append("UPDATE VND_VENDOR_AUTHORITY");
                    //sb.Append("   SET UPD_DATE=to_char(SYSDATE,\'YYYYMMDD\'),VENDOR_PWD=\'" + NEW_PWD + "\'");
                    //sb.Append("     , LAST_PASS=\'" + LAST_PWD + "\'");
                    //sb.Append(" WHERE VENDOR_NO =\'" + Request["VENDOR_NO"].ToString() + "\'");
                    sb.Append("   SET UPD_DATE=to_char(SYSDATE,\'YYYYMMDD\'),VENDOR_PWD=:NEWPWD");
                    sb.Append("     , LAST_PASS=:LASTPWD");
                    sb.Append(" WHERE VENDOR_NO =:VENDORNO");
					//dba = new dbAccess();

                    //Ken : 2.設定動態參數物件
                    m_arrParam.Add(dba.GetOracleParam(":NEWPWD", NEW_PWD));
                    m_arrParam.Add(dba.GetOracleParam(":LASTPWD", LAST_PWD));
                    m_arrParam.Add(dba.GetOracleParam(":VENDORNO", Request["VENDOR_NO"].ToString()));
                    
                    //Ken : 3.修改執行方法Overload
                    //ReturnDS = dba.runExecuteQuery("VND_VENDOR_AUTHORITY", sb.ToString());
                    ReturnDS = dba.runExecuteNonQuery(sb.ToString(), m_arrParam);
					
					
					//'If ReturnDS.Tables("info").Rows(0)("ReturnCode") = "000" Then
					Response.Write("<script language=\'javascript\'> alert(\'Change completement! Please login again!\');location.href =\'/smasb2b/default.aspx\'; </script>");
					Response.End();
					//'Else
					//'Response.Write("<script language='javascript'> alert('aaa!'); </script>")
					//'End If
				}
				else
				{
					lblLoginInfo.Text = msg;
				}
				
			}
			catch (Exception ex)
			{
				lblLoginInfo.Text = ex.Message;
			}
		}
	}
	
}
